Skip to main content
Noble House Hotels & Resorts
Reserve
Reserve
Gateway Canyons Resort & Spa building with water out front and mountain in the back in Gateway, Colorado

Noble House Hotels & Resorts Privacy Policy.

1. INTRODUCTION

Welcome to Noble House hotels & resorts. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how Noble House hotels & resorts (“we,” “us,” or “our”) collects, uses, shares, and protects your personal information when you:

  • Visit our websites (the “Websites”)
  • Use our mobile application (the “App”)
  • Stay at our properties or use our facilities and services
  • Communicate with us via email, phone, or in person
  • Interact with us on social media platforms

 

Key Points:

  • We only collect information that is necessary to provide our services
  • We do not sell your personal information for monetary consideration
  • You have rights to access, correct, delete, and control your information
  • We implement strong security measures to protect your data

Please read this Privacy Policy carefully. By using our services, you agree
to the collection and use of information in accordance with this policy. If
you do not agree with our policies and practices, please do not use our services.
 

 

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

We collect information that you voluntarily provide to us when you:

Make a Reservation or Check-In:

  • Contact Information: Name, email address, phone number, mailing address
  • Payment Information: Credit card details, billing address (processed securely)
  • Identification: Government-issued ID information when required by law
  • Stay Preferences: Room type, bed preference, floor preference, special requests
  • Guest Information: Names and ages of additional guests

2.2 Information We Collect Automatically

When you visit our Websites or use our App, we automatically collect certain information:

Device and Usage Information:

  • Device Information: Device type, operating system, unique device identifiers
  • Browser Information: Browser type and version, language settings, time zone
  • Usage Data: Pages visited, time spent, links clicked, search queries
  • Log Data: IP address, access times, referrer URLs, error logs

Location Information:

  • Approximate Location: Derived from IP address
  • Precise Location: If you enable location services on your device (with consent)
  • Wi-Fi and Bluetooth: Connection data when you use our resort Wi-Fi

2.3 Information from Third Parties

We may receive information about you from other sources:

  • Travel Partners: Travel agencies, booking platforms, tour operators
  • Corporate Partners: Employers (for corporate bookings), event planners
  • Social Media: When you interact with us on social platforms
  • Marketing Partners: Demographic and interest data from data providers
  • Public Sources: Publicly available information relevant to our services

 

 

3. HOW WE USE YOUR INFORMATION

3.1 Provide and Manage Services

  • Process and manage your reservations and check-ins
  • Provide accommodation and resort services
  • Process payments and prevent fraud
  • Communicate about your stay and services
  • Respond to your requests and inquiries
  • Provide customer support

3.2 Improve and Personalize Experience

  • Remember your preferences for future stays
  • Personalize your experience based on past interactions
  • Recommend services and amenities you might enjoy
  • Customize marketing communications to your interests
  • Analyze usage patterns to improve our services
  • Conduct surveys and gather feedback

3.3 Marketing and Communications

With your consent (where required), we use your information to:

  • Send promotional emails about special offers and new services
  • Send push notifications through our App
  • Display targeted advertising on our Websites and other platforms
  • Send service-related communications (always permitted)
  • Invite you to participate in surveys or reviews

3.4 Legal Bases for Processing (GDPR)

If you are in the European Economic Area (EEA) or UK, we process your personal information based on:

Legal BasisPurposeExamples
ContractNecessary to fulfill our contract with youProcessing reservations, providing accommodation
ConsentYou have given explicit consentMarketing emails, cookies, location tracking
Legitimate InterestOur legitimate business interestsFraud prevention, security, improving services
Legal ObligationRequired by lawTax records, government reporting
Vital InterestsProtect vital interestsMedical emergencies

 

 

4. WHEN WE SHARE YOUR INFORMATION

We share your information only in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf:

  • Payment Processing: Credit card processors, payment gateways
  • Technology Services: Cloud hosting, IT support, cybersecurity
  • Communication Services: Email providers, SMS platforms, call centers
  • Marketing Services: Advertising platforms, email marketing, analytics
  • Property Management: Reservation systems, property management software
  • Professional Services: Lawyers, accountants, auditors, consultants

All service providers are contractually required to protect your information and use it only for the services they provide to us.

 

4.2 Business Partners

  • Travel Partners: When you book through travel agencies or tour operators
  • Corporate Clients: When your stay is booked by your employer
  • Event Partners: Wedding planners, conference organizers (with consent)
  • Loyalty Partners: Airlines, car rental companies (for points/miles)
  • Local Partners: Restaurants, attractions (for reservations/tickets)

4.3 Legal and Safety Reasons

We may disclose information when we believe it is necessary to:

  • Comply with applicable law, regulation, legal process, or governmental request
  • Enforce our terms and conditions and other agreements
  • Protect the rights, property, and safety of Noble House hotels & resorts, our guests, or others
  • Detect, prevent, or address fraud, security, or technical issues
  • Respond to emergencies or acts of God

 

Important Notice About Data Sharing:
We do not sell your personal information to third parties for monetary consideration. However, under certain privacy laws like the CCPA, sharing data for targeted advertising may be considered a “sale.” You have the right to opt-out of such sharing.

 

 

5. COOKIES AND SIMILAR TECHNOLOGIES

5.1 What Are Cookies?

Cookies are small data files placed on your device when you visit a website. We use cookies and similar technologies (pixel tags, web beacons, local storage) to enhance your experience on our Websites and App.

 

5.2 Types of Cookies We Use

 

CategoryPurposeExamplesDuration
EssentialRequired for website to functionSession management, securitySession
FunctionalRemember your preferencesLanguage, currency, login1 year
AnalyticsUnderstand website usageGoogle Analytics, Adobe2 years
AdvertisingDeliver relevant adsFacebook Pixel, Google Ads90 days

 

5.3 Managing Cookies

You can control cookies through:

  • Our Cookie Settings: Click “Cookie Settings” in the footer
  • Browser Settings: Most browsers allow you to refuse or delete cookies
  • Third-Party Tools: Visit aboutads.info or youronlinechoices.eu
  • Global Privacy Control: We recognize GPC signals from your browser

 

 

6. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information:

 

6.1 Rights for All Users

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information (subject to exceptions)
  • Opt-Out: Opt-out of marketing communications
  • Updates: Be informed of material changes to this policy

6.2 California Residents (CCPA/CPRA)

California residents have additional rights:

  • Right to Know: Details about personal information collected, used, disclosed, or sold
  • Right to Delete: Request deletion of personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of sale or sharing of personal information
  • Right to Limit Use: Limit use of sensitive personal information
  • Right to Non-Discrimination: Not be discriminated against for exercising rights

6.3 European Residents (GDPR)

If you are in the EEA or UK, you have rights under GDPR:

  • Access: Obtain confirmation and access to your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure (“Right to be Forgotten”): Request deletion in certain circumstances
  • Restriction: Request restricted processing of your data
  • Data Portability: Receive your data in a portable format
  • Object: Object to processing based on legitimate interests
  • Automated Decision-Making: Not be subject to solely automated decisions
  • Withdraw Consent: Withdraw consent at any time
  • Lodge a Complaint: File a complaint with your supervisory authority

6.4 How to Exercise Your Rights

To exercise any of your privacy rights:

  • Email: Send requests to [email protected]
  • Mail: Privacy Office, Noble House Hotels & Resorts, 600 6th Street South
    Kirkland, WA 98033

 

 

7. DATA SECURITY

7.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: SSL/TLS for data in transit, encryption for sensitive data at rest
  • Access Controls: Role-based access, principle of least privilege
  • Physical Security: Secure data centers, controlled facility access
  • Network Security: Firewalls, intrusion detection, regular security updates
  • Monitoring: 24/7 security monitoring, audit logs
  • Training: Regular privacy and security training for employees
  • Incident Response: Established procedures for detecting and responding to breaches
  • PCI Compliance: Payment Card Industry Data Security Standards compliance

7.2 Data Breach Notification

In the event of a data breach that may pose a risk to your rights and freedoms, we will:

  • Notify you as required by applicable law (typically within 72 hours)
  • Provide information about the breach and potential impacts
  • Offer guidance on protective measures you can take
  • Cooperate with regulatory authorities

 

 

8. DATA RETENTION

We retain your personal information only as long as necessary for the purposes set out in this policy, unless a longer retention period is required or permitted by law.

Data TypeRetention PeriodReason
Reservation & Stay Records7 years after checkoutTax and legal requirements
Payment Information7 yearsFinancial regulations
Account InformationDuration of account + 3 yearsService continuity
Marketing PreferencesUntil opt-out + 3 yearsSuppression lists
Customer Service Records3 yearsService improvement
Security Footage30-90 daysSecurity purposes
Website Analytics26 monthsPerformance analysis
Cookie DataVaries (see Cookie Policy)Various purposes

 

 

9. INTERNATIONAL DATA TRANSFERS

9.1 Cross-Border Transfers

Your information may be transferred to and processed in countries other than the country where you are located. These countries may have data protection laws different from your country.

 

9.2 Safeguards

When we transfer personal information internationally, we implement appropriate safeguards:

  • Standard Contractual Clauses: EU-approved contract terms for transfers from the EEA/UK
  • Adequacy Decisions: Transfers to countries deemed adequate by data protection authorities
  • Consent: Your explicit consent for certain transfers
  • Technical Measures: Encryption and security protocols for all international transfers

 

 

10. CHILDREN’S PRIVACY

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children under 16 without parental consent.

10.1 Family Stays

When families stay with us:

  • We only collect children’s information as necessary for the reservation
  • Parents or guardians must provide any required information about minors
  • We do not market directly to children
  • Children’s information is subject to the same protections as adult information

 

 

11. THIRD-PARTY LINKS AND SERVICES

Our Websites and App may contain links to third-party websites, services, and applications. We are not responsible for the privacy practices of these third parties.

Examples of Third-Party Services:

  • Social media platforms (Facebook, Instagram, Twitter)
  • Booking and review sites (TripAdvisor, Booking.com)
  • Local attractions and restaurants
  • Payment processors
  • Maps and navigation services

 

 

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. We will notify you of any material changes by:

  • Updating the “Last Updated” and “Effective Date” at the top of this policy
  • Providing notice on our Websites homepage for significant changes
  • Sending an email notification to registered users (where required by law)
  • Obtaining consent for material changes where required by applicable law

 

 

13. U.S. STATE-SPECIFIC PRIVACY NOTICES

13.1 Nevada Residents

Nevada residents may opt-out of the sale of covered information by emailing [email protected] with “Nevada Opt-Out” in the subject line.

13.2 Virginia Residents

Virginia residents have rights under the Virginia Consumer Data Protection Act (VCDPA) similar to those described in the Your Rights section above.

13.3 Colorado Residents

Colorado residents have rights under the Colorado Privacy Act (CPA) including the right to opt-out of targeted advertising and profiling.

13.4 Connecticut Residents

Connecticut residents have rights under the Connecticut Data Privacy Act (CTDPA) similar to California and Virginia residents.

 

 

14. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy
or our privacy practices, please contact us:

Privacy Office

Noble House hotels & resorts: 600 6th Street South Kirkland, WA 98033

Email: [email protected]

 

 

15. ACCESSIBILITY

We are committed to ensuring this Privacy Policy is accessible to all individuals. This policy is available in:

  • Alternative formats (large print, audio) upon request
  • Multiple languages (Spanish, French, Mandarin, Japanese)
  • Screen reader compatible HTML format

For assistance or to request this policy in an alternative format, please contact
[email protected].
 

 

16. DEFINITIONS

To help you understand this Privacy Policy, here are definitions of key terms:

  • Personal Information: Information that identifies, relates to, or could reasonably be linked to you
  • Sensitive Personal Information: Personal information revealing racial/ethnic origin, health data, financial account numbers, precise geolocation
  • Processing: Any operation performed on personal information (collection, use, disclosure, storage, deletion)
  • Service Provider: Third party that processes personal information on our behalf
  • Sale: Sharing personal information with third parties for monetary or other valuable consideration
  • Consent: Freely given, specific, informed, and unambiguous agreement

 
 
© 2026 Noble House hotels & resorts. All rights reserved.
This privacy policy was last updated on March 22, 2026